General
-
Target
97da9766c2fdca5fd44a6679867f96d7_JaffaCakes118
-
Size
1.9MB
-
Sample
240605-me2ljsch5z
-
MD5
97da9766c2fdca5fd44a6679867f96d7
-
SHA1
1a1c5c1295ea59618b106b8ab7f7b14ac1bcd221
-
SHA256
f99e02475d238f0cb05a9201151e2cc41d5959f8ddf6779b128435361a1c2fd9
-
SHA512
1633846496767ea0567e3bed26ce2acf6bc63e2b26062139fa7773142cc14b1e2da8b3228c97f34dff3f163fb86982a94b00bfe6ce44b1bcdee417c1d7e4cd1d
-
SSDEEP
49152:LS+mgw6THvjnX7IME29MriFBQ3OIYzymvRw5vH+AOGpdlaa5li9:Mgw6jrnXH9M+FW3HbeAO6l69
Malware Config
Targets
-
-
Target
TCGhostRfs+18Tr-LNG.exe
-
Size
2.0MB
-
MD5
e7669bb2da68c90eee43d5e81f57dd43
-
SHA1
c126fb02afe29f95415c61aa7be03165fd8cc854
-
SHA256
b0175c3718d0cb5fbdfddec360078b33a27f4f44a2dfa89bcc74420c8e65cdc9
-
SHA512
d839ef7a7f83d47183f750eb3633e84776feb040ac56a22661049f9ea6d450065f6263ec47d4e4df28652a38b956ddda8dbc5ae88d6267aaef02f0d524b0f065
-
SSDEEP
49152:qeu3Nk8fnRcu9n5OyyVlYpFS/8buu8JJ/vZHDTZH:qV3S8vRcqCWFfbuu8X/5f1
Score6/10-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
游侠网专题导航-游侠网中国单机游戏门户.url
-
Size
186B
-
MD5
165d68468f133ac48cc8dc69ac680730
-
SHA1
2d95ffc734ad0c38b6ca36203c053c47801a8435
-
SHA256
5eb82af4677fbd04c4762b42b9d97504dd9d3665e8437224501147a105113b18
-
SHA512
c1330d7392585eaa1c9d0d063e3a6ac664aa64c6b09c0b4aab69330b6caa6950581a698a9400969e886a6ad7a336cd963199263ac5bddb707d29f2cbbfe93f60
Score1/10 -